Strategic Practice with IRM

Interim Security Expertise Made Easy

IRM has been placing interim Information Security experts with a wide range of high profile companies for 20 years.

Where a rapid response has been required, or traditional recruitment agencies have failed, IRM’s unquestionable industry expertise and extensive organic network enables our capability as a reliable partner in this space.

Why work with IRM?

Outcome-driven solutions

IRM work closely with its partners to identify outcomes that reflect success and use this as the basis upon which smart, tailored solutions are developed and proposed. We will work seamlessly with you to assemble the right team to deliver the right outcome.

Unrivalled value-add

Due to IRM’s wealth of experience and qualified in-house specialists, IRM is able to add value from inception to scoping to delivery, finessing requirements through the prism of a commercially sensitive, risk-based view to ensure our partners get the best outcomes against identified critical success criteria.

Range of specialists and flexible engagement models

From Penetration Testers to Interim CISOs, IRM is able to offer a broad range of interim solutions dependant on the issues in question. There is no cookie-cutter approach to the nuanced needs of our partners and IRM reflects this by implementing a dynamic approach to forming proposed solutions. IRM also has the capability to form a team of trusted associates run by a full-time IRM consultant that can be deployed at short notice for short or long term projects.

Specialist Areas

IRM are specialists in Penetration Testing with accreditations and a client base to reflect this. Within technical testing, IRM has delivered, and continues to deliver, interim expertise in the following areas:

Penetration Testers & Managers

Vulnerability Managers

Technical Coordinators

From a requirement scoping perspective, we are able to offer sound technical advice via Check / Crest certified specialists and, due to our extensive record of accomplishment in delivery, we have a clear view of how solutions may work from a variety of perspectives.

Effective leadership is an important facet of a strong security posture and an area were IRM is regularly asked to assist. IRM is able to deliver on site or off site expertise that can operate in any of the following roles:

IRM specialises in providing information security consultation and has an excellent record of accomplishment in delivery. Not only does IRM have an in depth knowledge of current information security standards, we have helped shape them and so, when it comes to establishing what interim solution is likely to be required and for how long, IRM is exceptionally well placed to advise and deliver.

The importance of analytics is self-evident and of growing importance as systems become more complex and the threat landscape more diverse. Whether you are looking for:

Risk Analysts

Security Analysts

Forensic Analysts

Case Study:

Penetration Testing Manager

The Challenge: A major financial services company lost their key Penetration Tester and coordinator with backlog of tests increasing while sign off for replacement was pending.

Desired Outcome: The short-term desired outcome was to work through the backlog of testing to improve their security posture. The longer term goal was to create a practicable, sustainable way of managing individual Penetration Tests and wider testing programs that could cope with attrition at short notice in order to maintain continuity in both quality and momentum.

Proposed Solution: IRM proposed deploying an interim specialist (Principal Level Penetration Tester) for 6 months to create a Penetration Testing plan, scope up individual tests, gather prerequisites and validate findings and fixes. IRM also proposed that we provide access to an IT Security Module, part of SYNERGi, free of charge. This would serve as a central point of visibility for testing, vulnerabilities and remediation so that if, in future, the same thing happened, a specialist could come on-board and pick up where the previous tester left off.

Result: A Penetration Testing plan was created and executed with the entire backlog being tested either internally or by independent vendors. The overall posture was improved as well as certain compliance-based criteria being achieved. The role of the permanent replacement was modified to fit more neatly with what was now being required and the IT Security Module became embedded in the process. This allowed for mitigation against potential future attrition and more visibility to management about how testing was being conducted.

Contact us and we'll be in touch to discuss your requirements

Get the latest updates & resources

Sign up to our newsletter and get access to all of our resources, security tips and news